AT&T Responds To The iPad Privacy Breach

Earlier today, Gawker's Ryan Tate reported that a security loophole had allowed hackers to obtain the email addresses of 114,000 iPad owners, including prominent figures in government, the military, and the tech industry.

While only consumers with Apple's iPad were affected, the breach appeared to be the fault of AT&T, which provides data service for 3G-enabled iPads.

AT&T just sent us its official response:

AT&T was informed by a business customer on Monday of the potential exposure of their iPad ICC IDS. The only information that can be derived from the ICC IDS is the e-mail address attached to that device.

This issue was escalated to the highest levels of the company and was corrected by Tuesday; and we have essentially turned off the feature that provided the e-mail addresses.

The person or group who discovered this gap did not contact AT&T.

We are continuing to investigate and will inform all customers whose e-mail addresses and ICC IDS may have been obtained. At this point, there is no evidence that any other customer information was shared.

We take customer privacy very seriously and while we have fixed this problem, we apologize to our customers who were impacted.

Most of this is in line with what Gawker reported, except for one key detail: Goatse Security, the group that exposed the bug, told Gawker it informed AT&T of the problem. This statement expressly denies this.